Setting a password policy for Android

Set a password policy for accessing the Mobile application on Android.

About this task

A password policy is a set of rules that controls how passwords are used and administered for the Mobile application. These rules can ensure that users change their passwords periodically and that their passwords meet your organization’s password complexity requirements. The rules can also restrict the reuse of old passwords and ensure that users are locked out after a specific number of failed login attempts.

When the Mobile application is installed, there is no password policy in effect until you create one.

Tip: When a password policy is in use, users of the Android V3 or higher operating system must complete the following steps when they want to uninstall the Connections app:
  1. Go to Settings > Security > Device Administrators.
  2. Clear Connections Security.
  3. Uninstall the app.

To set or change a password policy, complete the following steps:

Procedure

  1. Log in to the Mobile Admin console and click Device Settings.
  2. Click the link to one of the supported operating systems. For example: Android
  3. Optional: To delete the current policy, click Delete Policy. You cannot restore a deleted policy, you must create a policy, if required.
  4. Optional: To disable the current policy, click Disable Policy. A disabled policy still exists so that you can edit it, if required. When you re-enable a policy, it is applied to devices from that point.
  5. Modify the policy settings.
    Tip: Hover the cursor over a data field to display helpful information about the corresponding entry.
    Policy Name
    Enter a name for the policy.
    Password Type
    Select the type of password that users can choose; for example: numeric, alphanumeric, or complex.
    Note: Complex passwords are supported in Android V3.0 and higher.
    Minimum Password Length
    Specify the minimum number of characters that a password must contain. The allowed range is 0-64; the default is zero means that there are no restrictions.
    Maximum Number of Failed Attempts
    Specify how many login attempts are allowed. The maximum value is 16. A value of zero means that there are no restrictions.
    Important: If a user exceeds the maximum number of login attempts that are specified by this setting, all the data on the device is wiped and the factory settings are applied.
    Auto-Lock (in minutes)
    Specify the number of minutes of inactivity that must elapse before the device is locked. The maximum value is 60. A value of zero means that there are no restrictions.
    Password Expiration Timeout (in days)
    Specify the number of days that must elapse pass before passwords must be changed. The maximum value is 730. A value of zero means that there are no restrictions.
    Tip: Users receive 24 hours notification before their passwords expire.
    Password History Count
    Specify the number of unique passwords that are required before one can be reused. The range is 0-50. A value of zero means that there are no restrictions.
  6. Click Save to save your changes. Alternatively, click Refresh to discard your changes.